Information input/output system, key management device, and user device
Abstract
In an information input/output system, a user device inputs and outputs information to and from external sources including a key management device. The system includes the key management device that securely outputs invalid-device information specifying an invalid device unit that has been made invalid for use, and the user device that includes an input/output unit and a host unit. Via the input/output unit, input and output of information is enabled between the host unit and the external sources. The host unit securely receives, via the input/output unit, the invalid-device information outputted by the key management device and judges whether or not the input/output unit is an invalid device unit by referring to the received invalid-device information. When judging, that the input/output unit is an invalid device, the host unit thereafter prohibits input and output via the input/output unit. Due to this construction, the host unit can correctly judge whether or not the input/output unit is an invalid device unit.
Claims
exact text as granted — not AI-modified1. An information input/output system, comprising:
a recording medium that stores:
(i) content encrypted using a media key,
(ii) an encrypted media key generated by encrypting the media key using a device key,
(iii) invalid-device information including identification information identifying one or more invalid input/output devices that have been made invalid for use, and
(iv) verification data, which is generated through a one-way conversion that is dependent on at least the media key and the invalid-device information, such that predetermined verification processing performed on the verification data fails when either (a) the encrypted media key is tampered with or (b) the invalid-device information is tampered with;
an input/output device that includes:
a storing unit that stores identification information that identifies the input/output device,
a read unit that reads the encrypted content, the encrypted media key, the invalid-device information, and the verification data from the recording medium, and
a transmission unit that transmits the encrypted content, the encrypted media key, the invalid-device information, the identification information of the input/output device, and the verification data; and
a host device that includes:
a storage unit that stores the device key,
a receiving unit that receives the encrypted content, the encrypted media key, the invalid-device information, the identification information of the input/output device and the verification data from the input/output device,
a verification unit that performs, through the one-way conversion that is dependent on at least the media key and the invalid-device information, the predetermined verification processing on the verification data in order to verify that neither the received encrypted media key nor the received invalid-device information has been tampered with;
a confirmation unit that, when the verification unit succeeds in the predetermined verification processing, confirms whether or not the input/output device has been made invalid by checking whether or not the received identification information of the input/output device is included in the received invalid-device information,
a first decryption unit that decrypts the encrypted media key, using the device key, and
a second decryption unit that decrypts the encrypted content using the media key when (i) the verification unit succeeds in the predetermined verification processing; and (ii) the confirmation unit confirms that the input/output device has not been made invalid.
2. A host device that uses content read from a recording medium via an input/output device, wherein the recording medium stores:
(i) content encrypted using a media key,
(ii) an encrypted a media key generated by encrypting the media key using a device key,
(iii) invalid-device information including identification information identifying one or more invalid input/output devices that have been made invalid for use, and
(iv) verification data, which is generated through a one-way conversion that is dependent on at least the media key and the invalid-device information, such that predetermined verification processing performed on the verification data fails when either (a) the encrypted media key is tampered with or (b) the invalid-device information is tampered with,
the host device comprising:
a storage unit that stores the device key;
a receiving unit that receives the encrypted content, the encrypted media key, the invalid-device information, the identification information of the input/output device and the verification data from the input/output device;
a verification unit that performs, through the one-way conversion that is dependent on at least the media key and the invalid-device information, the predetermined verification processing on the verification data in order to verify that neither the received encrypted media key nor the received invalid-device information has been tampered with;
a confirmation unit that, when the verification unit succeeds in the predetermined verification processing, confirms whether or not the input/output device has been made invalid by checking whether or not the received identification information of the input/output device is included in the received invalid-device information;
a first decryption unit that decrypts the encrypted media key, using the device key; and
a second decryption unit that decrypts the encrypted content using the media key when (i) the verification unit succeeds in the predetermined verification processing; and (ii) the confirmation unit confirms that the input/output device has not been made invalid.
3. A method for a host device for storing a device key and using content read from a recording medium via an input/output device, wherein the recording medium stores:
(i) content encrypted using a media key,
(ii) an encrypted media key generated by encrypting the media key using the device key,
(iii) invalid-device information including identification information identifying one or more invalid input/output devices that have been made invalid for use, and
(iv) verification data, which is generated though a one-way conversion that is dependent on at least the media key and the invalid-device information, such that predetermined verification processing performed on the verification data fails when either (a) the encrypted media key is tampered with or (b) the invalid-device information is tampered with,
the method comprising:
a receiving step of receiving the encrypted content, the encrypted media key, the invalid-device information, the identification information of the input/output device and the verification data from the input/output device;
a verification step of (i) performing, through the one-way conversion that is dependent on at least the media key and the invalid-device information, the predetermined verification processing on the verification data in order to verify that neither the received encrypted media key nor the received invalid-device information has been tampered with;
a confirmation step of confirming that, when the verification step succeeds in the predetermined verification processing, confirms whether or not the input/output device has been made invalid by checking whether or not the received identification information of the input/output device is included in the received invalid-device information;
a first decryption step of decrypting the encrypted media key, using the device key; and
a second decryption step of decrypting the encrypted content using the media key when (i) the verification step succeeds in the predetermined verification processing; and (ii) the confirmation step confirms that the input/output device has not been made invalid.
4. A computer-readable recording medium that stores an executable computer program used by a host device configured to store a device key and uses content read from a content recording medium via an input/output device, wherein the computer-readable recording medium is configured to store:
(i) content encrypted using a media key,
(ii) an encrypted media key generated by encrypting the media key using the device key,
(iii) invalid-device information including identification information identifying one or more invalid input/output devices that have been made invalid for use, and
(iv) verification data, which is generated through a one-way conversion that is dependent on at least the media key and the invalid-device information, such that predetermined verification processing performed on the verification data fails when either (a) the encrypted media key is tampered with or (b) the invalid-device information is tampered with,
the computer program when executed causes the host device to perform the following steps:
a receiving step of receiving the encrypted content, the encrypted media key, the invalid-device information, the identification information of the input/output device and the verification data from the input/output device;
a verification step of (i) performing, through the one-way conversion that is dependent on at least the media key and the invalid-device information, the predetermined verification processing on the verification data in order to verify that neither the received encrypted media key nor the invalid-device information has been tampered with;
a confirmation step of confirming that, when the verification step succeeds in the predetermined verification processing, confirms whether or not the input/output device has been made invalid by checking whether or not the received identification information of the input/output device is included in the received invalid-device information,
a first decryption step of decrypting the encrypted media key, using the device key; and
a second decryption step of decrypting the encrypted content using the media key when (i) the verification steps succeeds in the predetermined verification processing; and (ii) the confirmation step confirms that the input/output device has not been made invalid.
5. An integrated circuit device that uses content read from a recording medium via an input/output device, wherein the recording medium stores:
(i) content encrypted using a media key,
(ii) an encrypted media key generated by encrypting the media key using a device key,
(iii) invalid-device information including identification information identifying one or more invalid input/output devices that have been made invalid for use, and
(iv) verification data, which is generated through a one-way conversion that is dependent on at least the media key and the invalid-device information, such that predetermined verification processing performed on the verification data fails when either (a) the encrypted media key is tampered with or (b) the invalid-device information is tampered with; and the integrated circuit device comprising:
a storage unit that stores the device key;
a receiving unit that receives the encrypted content, the encrypted media key, the invalid-device information, the identification information of the input/output device and the verification data from the input/output device;
a verification unit that performs, through the one-way conversion that is dependent on at least the media key and the invalid-device information, the predetermined verification processing on the verification data in order to verify that neither the received encrypted media key nor the received invalid-device information has been tampered with;
a confirmation unit that, when the verification unit succeeds in the predetermined verification processing, confirms whether or not the input/output device has been made invalid by checking whether or not the received identification information of the input/output device is included in the received invalid-device information
a first decryption unit that decrypts the encrypted media key, using the device key; and
a second decryption unit that decrypts the encrypted content using the media key when (i) the verification unit succeeds in the predetermined verification processing; and (ii) the confirmation unit confirms that the input/output device has not been made invalid.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.